how to get a working HTTPS site for stand alone - the idiots guide

I call this the idiots guide as I am the chief idiot and it took me 2 days with help from the xojo windows forum.

I am doing this for windows but I would imagine it works the same for MAC as well.There are really only a few steps and you should have it up and running within a few clicks and emails.

First go to https://www.gogetssl.com/ and create an account.I have nothing to do with them so I am sure there will be a similar process with other providers.I use them as they have a FREE 3 month trial and if you follow the steps you will get the green padlock on your site.

Once you are in your account click on "Create a new order"

Scroll all the way down the bottom to the "65 GGSSL TrialSSL", once again free and lasts 3 months.Click on ORDER and you will be taken to step 1 of 4 it should all say $0.00leave it all as it is and click on "Complete order"This will take you back to your Dashboardon the left hand side click on "SSL certificates" this will take you to "Manage SSL certificates"You should have one line which says incomplete , click on GENERATEYou want to find this line ( in the third section - it is in orange)Online CSR Generatorclick it and you will taken to a new site and hopefully a new tabscroll down a bit and you will find "Common Name"Here is the first "gotcha" , this has to be the name of your siteI.e. If your site is www.mysite.com.au then put in www.mysite.com.au If you use something else then you will get a padlock but it will be in orange as the domain does not match the domain the the SSL certificateDo NOT put a * at the start even though it says you can - it doesn't work for the next step.

Fill in the information and ensure you use a real email as they send you the information via email as well as a verification code.

Click on Generate CSR

Second GotchaThis takes you to a new page on it you will find the CERTIFICATE REQUEST and the PRIVATE KEYcopy the PRIVATE KEY and save it in a text file - call the file "my RSA private key.txt"copy the CERTIFICATE REQUEST and save it in a text file - call the file "my CERTIFICATE REQUEST.txt"

You will also get an email from GoGetSSL containing the information but if you do it now it works bettersubject line of email will be "CSR and SSL Private Key for ..."

Since the last thing we copied was the CERTIFICATE REQUEST we can now go back to the first TAB and PASTE it into the third section, leave everything else the sameClick on VALIDATE CSR

the next step is to validate you own the domain. There is a drop down list of valid domain admins and you have the option of using a WHO IS lookup.I used admin@ but if none of them work for you then create yourself a new email which suits one they will let you select.

click on "Next Step"

type in your Administrative Contact details and click on "Complete Generation"I have never got any spam from them in case you are worried.

Now we wait - it can take 5-10 minutes, you can close the other TAB now if you haven't already.

They are going to send you an email with a link and a code.Subject line : ORDER #179357330 - Domain Control Validation for ....

copy the code and click on the link.Paste the codeclick the button and it will validate, click on close window.

If the email doesn't come you can click on the INFO button under "SSL Certificates" and check the email address you gave.I found that during this test the email didn't arrive so I just cancelled the order and started again. :(

Once you validate the code they will send you two emails ( only a few minutes )Look for the one with the subject line : ORDER #179357330 - Your Free SSL Certificate for ...in the TEXT of the email you will see the certificate, copy the certificate (including the ----) and paste it into a new text documentcan the text file "certificate.txt"

We now have everything we need.

make a new TEXT file and copy/paste everything from "Certificate.txt" then a blank line and copy/paste everything from "my RSA private key.txt" then a blank line

save the file and paste it into the folder where you have your WEB Stand alone app.if your app is called "My Site ABC.exe" then rename your SSL file as "My Site ABC.crt"

here is the last gotchawhen you run your site/app you need to do it from the command line

in windows open a CMD window and drag the icon for your app into the command line window. This will paste in the full path to your app, then put a space and type this--secureport=443and hit enter.It should look something like this"C:\Users\damon\Desktop\The EDI Cloud\my site abc.exe" --secureport=443(two - signs)

(set up your firewall / port forwarding etc... in your router if required.)Your app will run and you can use it in HTTP mode as normal but you will also have https:// all in the one app.Those folks at XOJO are smart arn't they!!

if you are already using port 443 then change it to any other port, I have to use 4430the url would then be https://www.mysite.com.au:4430 , works perfectly fine as well

Lastly, if you need to do the process again the information in "my CERTIFICATE REQUEST.txt" can be used again so you dont need to type the information in again.

Hi Guys,in 3 months you will need to buy a new certificate, you can tell as your site will no longer have the green lock.

First go to https://www.gogetssl.com/ and log into your accountI have nothing to do with them so I am sure there will be a similar process with other providers.They are really cheap at under 9 dollars for 2 years.Process the order and use your CSR which you can get off the website, it is the same CSR that you used for the TRIAL account.

One you have validated your email etc... you will get an email with a subject like thisNew SSL Certificate [GOGETSSL] ORDERID: S0942237

open your certificate file I.e. "My Site ABC.crt" in a text editor and DELETE the section(s) which have a -----BEGIN CERTIFICATE-----...-----END CERTIFICATE----- BUT LEAVE the one with the -----BEGIN RSA PRIVATE KEY-----

Now paste your new ones into the top of the text file, if it is like mine you will have 3 -----BEGIN CERTIFICATE----- and 1 -----BEGIN RSA PRIVATE KEY-----

save the file and replace the current certificate with the new one.No need to rerun your app.When you go to your SSL site you should have your green lock back hope this helps.